You add a new user to the engineering organization in DTR.
Will this action grant them read/write access to the engineering/api repository?
Solution: Add the user directly to the list of users with read/write access under the repository's Permissions tab.
A. Yes
B. No
Correct Answer: A
This action will grant them read/write access to the engineering/api repository, because adding a user directly to the list of users with read/write access under the repository's Permissions tab is one way to grant permissions to a user in DTR. According to the official documentation, this is an example of using fine-grained permissions for a repository.
Question 162:
A service 'wordpress' is running using a password string to connect to a non-Dockerized database service. The password string is passed into the 'wordpress' service as a Docker secret. Per security policy, the password on the database was changed. Identity the correct sequence of steps to rotate the secret from the old password to the new password.
A. Create a new docker secret with the new password. Trigger a rolling secret update by using the 'docker secret update' command
B. Trigger an update to the service by using 'docker service update --secret='
C. Create a new docker secret with the new password. Remove the existing service using 'docker service rm'. Start a new service with the new secret using "--secret="
D. Create a new docker secret with a new password. Trigger a rolling update of the "wordpress" service, by using "--secret-rm" and "--secret-add" to remove the old secret and add the updated secret.
Correct Answer: D
Question 163:
Will this command display a list of volumes for a specific container? Solution: docker volume inspect nginx'
A. Yes
B. No
Correct Answer: B
Question 164:
You are troubleshooting a Kubernetes deployment called api, and want to see the events table for this object.
Does this command display it?
Solution: kubectl events deployment api
A. Yes
B. No
Correct Answer: B
Using kubectl events deployment api does not display the events table for this object. The kubectl events command shows cluster-level events, but it does not accept a resource name as an argument. To see the events table for this object, you need to use kubectl describe deployment api.
Question 165:
Which one of the following commands will show a list of volumes for a specific container?
A. 'docker container logs nginx --volumes'
B. 'docker container inspect nginx'
C. 'docker volume inspect nginx'
D. 'docker volume logs nginx --containers'
Correct Answer: B
Question 166:
Is this an advantage of multi-stage builds?
Solution: optimizes Images by copying artifacts selectively from previous stages
A. Yes
B. No
Correct Answer: A
Optimizing images by copying artifacts selectively from previous stages is an advantage of multi-stage builds. Multi-stage builds allow you to use multiple FROM statements in your Dockerfile, each starting a new stage of the build. You can selectively copy artifacts from one stage to another, leaving behind everything you don't want in the final image. This reduces the size and complexity of your images, and improves security and performance.
Question 167:
During development of an application meant to be orchestrated by Kubemetes, you want to mount the /data directory on your laptop into a container.
Will this strategy successfully accomplish this?
Solution: Create a Persistent VolumeClaim requesting storageClass:"" (which defaults to local storage) and hostPath and use this to populate a volume in a pod.
A. Yes
B. No
Correct Answer: A
This strategy does successfully mount the /data directory on your laptop into a container. Creating a persistentVolumeClaim requesting storageClass:"" (which defaults to local storage) and hostPath and using this to populate a volume in a pod is a valid way to mount a host directory into a container in Kubernetes. A persistentVolumeClaim is a request for storage by a user or an application. A persistentVolume is an abstraction that represents a piece of storage in the cluster. A storageClass is a type of storage with a specific provisioner and parameters. A hostPath volume allows you to mount a file or directory from the host node's filesystem into your pod. A local volume allows you to mount local storage devices such as disks or partitions into your pod. By creating a persistentVolumeClaim with storageClass:"" and hostPath, you are requesting a piece of storage that is backed by a hostPath volume on the node where the pod is scheduled. By using this persistentVolumeClaim to populate a volume in a pod, you are mounting the host directory into the container in the pod.
Question 168:
You want to create a container that is reachable from its host's network.
Does this action accomplish this?
Solution: Use network connect to access the container on the bridge network.
A. Yes
B. No
Correct Answer: A
Using network connect to access the container on the bridge network does create a container that is reachable from its host's network. The network connect command connects a running container to another network. By default, Docker creates and connects containers to a bridge network, which is an internal network that isolates containers from each other and from the host. However, you can use network connect to connect a container to another network, such as the host network, which allows the container to share the host's network stack and be reachable from the host's network.
Question 169:
Is this the purpose of Docker Content Trust? Solution: Sign and verify image tags.
A. Yes
B. No
Correct Answer: A
Signing and verifying image tags is the purpose of Docker Content Trust. Docker Content Trust (DCT) is a feature that allows you to use digital signatures for data sent to and received from remote Docker registries. These signatures allow client-side or runtime verification of the integrity and publisher of specific image tags. With DCT, image publishers can sign their images and image consumers can ensure that the images they pull are signed.
Question 170:
Is this a Linux kernel namespace that is disabled by default and must be enabled at Docker engine runtime to be used? Solution: pid
A. Yes
B. No
Correct Answer: B
pid is not a Linux kernel namespace that is disabled by default and must be enabled at Docker engine runtime to be used. pid is a Linux kernel namespace that provides process isolation for containers. It ensures that processes in one container cannot see or signal processes in another container or on the host system. pid is enabled by default for Docker containers and does not require any special flag or option to be used. However, you can disable pid isolation for a container by using --pid host option when creating or running a container. This option connects the container to the host's pid namespace and allows the container to see and signal processes on the host system.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Mirantis exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your DCA exam preparations and Mirantis certification application, do not hesitate to visit our Vcedump.com to find your solutions here.